Browse all 118 CVE security advisories affecting Wikimedia Foundation. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Wikimedia Foundation operates the world’s largest collaborative encyclopedia platform, hosting Wikipedia and related projects that serve billions of monthly visitors. Its infrastructure relies on complex software stacks, including MediaWiki, which has historically been susceptible to various vulnerability classes. Common issues include cross-site scripting (XSS), SQL injection, and remote code execution (RCE) stemming from legacy code paths or misconfigurations. While the organization maintains a robust security posture with regular audits and bug bounty programs, the sheer scale of its codebase and the open nature of its editing model present unique challenges. Recent years have seen efforts to mitigate privilege escalation risks and improve input validation. Despite these ongoing technical hurdles, the Foundation remains a critical public resource, balancing transparency with the need to protect user data and system integrity against sophisticated cyber threats targeting its extensive digital footprint.
This page lists every published CVE security advisory associated with Wikimedia Foundation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.